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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )□ Responsive to communication(s) filed on . 

2a)D This action is FINAL. 2b)K This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 7-36 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) Q Claim(s) is/are allowed. 

6) KI Claim(s) 7-36 is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
Priority under 35 U.S.C. §§119 and 120 



12)g] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some*c)D None of: 

1 0 Certified copies of the priority documents have been received. 
2.Q Certified copies of the priority documents have been received in Application No. 



3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

13) ^ Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application) 

since a specific reference was included in the first sentence of the specification or in an Application Data Sheet. 
37 CFR 1.78. 

a) □ The translation of the foreign language provisional application has been received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 since a specific 

reference was included in the first sentence of the specification or in an Application Data Sheet. 37 CFR 1 .78. 

Attachment(s) 

1) ^ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) Paper No(s). 



2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) D Notice of Informal Patent Application (PTO-152) 

3) |EI Information Disclosure Statement(s) (PTO-1449) Paper No(s) 4.5.7 . 6) D Other: 
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DETAILED ACTION 



Claim Rejections - 35 USC § 102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the United 
States before the invention thereof by the applicant for patent, or on an international application by another who 
has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this title before the invention 
thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 
do not apply when the reference is a U.S. patent resulting directly or indirectly from an 
international application filed before November 29, 2000. Therefore, the prior art date of the 
reference is determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre- AIPA 
35 U.S.C. 102(e)). 

Claims 1-36 are rejected under 35 U.S.C. 102(e) as being anticipated by Yatsukawa, US. 
Pat. No. 6,148,404, issued Nov. 2000. 

As per claims 1, 4, 6, 11, 12 and 14, Yatsukawa is directed to an authentication method 
and system using authentication information valid for one time (i.e. one-time password), see 
abstarct, see also col. 1, lines 1-10. 

In an exemplary embodiment and in a simplified network constructed with a client X 
serving as an authentication requester, and a server Y serving as an authentication server, 
Yatsukawa teaches that the client side has a seed data file used for generating authentication 
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data while the server side has an inspection data file used for inspecting client authentication 
data, see col. 15, lines 20-48. 

Yatsukawa teaches that the client X before requesting a log-in, registers (once) an initial 
data seed data at the server Y, see col. 15 line 65 through col. 16, line 3, see also col. 11, lines 1- 
39. 

According to Yatsukawa' s preferred embodiment, the client X enciphers the seed data 
(i.e. obtaining one-time password), which is stored by the client X, by using its secret key (Ks) to 
generate an authentication data (Dl) to be returned to the server Y, and sends the generated data 
(i.e. one-time authentication request ) to the server Y, see col. 18, line 46 though col. 17, line 36. 
Upon receiving Dl from the client, the server Y deciphers the received data (Dl) using public 
key Kp of the client and compares and collates the deciphered data with an inspection data of the 
client X read out of the client-authentication data inspection file and the server returns (i.e. an 
authentication -data response) the collation result to the client X. In case where the collation 
result is coincident, the client X is the authentic client. 

Yatsukawa discloses that in preparation of the next log-in request from the client, the 
enciphered authentication data (Dl) received from the client X is stored in the inspection data 
file and the server updates (i.e. replaces) this authentication data only when the collation result is 
coincident and the inspection data file is used for the next log-in. 

Yatsukawa further teaches that the client who receives the authentication processing 
result from the server (i.e. authentication response) determines whether or not the authentication 
processing result is a grant or reject, see col. 17, lines 33-50 and in case where the authentication 
is granted, the authentication Dl (which is a function of previous authentication data ) sent to 
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the server is stored in a file as seed Dl. Next time the client performs log-in, the above steps are 
repeated. That is, the previous authentication data stored at the server and the client is used as a 
seed data to the authentication data processing/ 

As per claims 2- 3, 5,7,13 and 15, Yatsukawa teaches that the one-time authentication 
data (send by the user and used in a comparison process by the server is a function of client's 
private key/private key , see col. 17,lines 51-64. 

As per claim 8, Yatsukawa' s seed data (i.e. a random number or the like) and that the 
authentication data from the client x is produced by enciphering a changing authentication data 
(i.e. a one-time password), see col. 4-12, see also, col. 16, lines 53-61, and that the server 
decrypts the received authentication data using the client's public key, see col. 11, lines 40-50, 
see also col. 17, lines 2-14. 

As per claim 9, according to the authentication protocol disclosed by Yatsukawa, the 
client X generates authentication data based on initial seed data at the time of initial 
authentication session, see col. 16, lines 33-42, and that when authentication is granted, the 
previous stored seed data (Dn-1) is enciphered by the secret key(Ks) of the client X and stored as 
seed data Dn for the next authentication session. That is, the inspection data and the seed data are 
changed every time the client requests an authentication. to the server, see col. 22, lines 42-51. 
and that the one-time authentication data is enciphered using a private key (i.e. a secret datum). 

As per claim 10, Yatsukawa teaches an authentication-data inspection data file processed 
by the server Y, see col. 15, lines 49-55 wherein the server has "authentication-data 
inspection data D" (i.e. a one time password), "public key Kp", "public -key certificate CKp" 
for each client. Yatsukawa further teaches that the server collates the received authentication data 
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with the inspection data D stored in advance. The teaching of Yatsukawa clearly suggests using 
the changing authentication data (or one time password) to locate an entry in the inspection file 
to perform the collation, see col. 16, lines 18-30. 

Claims 16-36 are apparatuses corresponding to the method claims 1-15. Claims 16-36 
are rejected for the same reasons provided in the statement of rejections of claims 1-15 above 
and Yatsukawa Figures 11-19 and the text (col. 12, lines 1 through col. 13, line 67. 



Any inquiry concerning this communication or earlier communications from examiner 
should be directed to Taghi Arani, whose telephone number is (703) 305-4274. The examiner 
can normally be reached Monday through Friday from 8:00 AM to 5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh, can be reached at (703) 305-9648. The Fax numbers for the 
organization where this application is assigned is: 
(703) 872-9306 



Conclusion 



December 10, 2003 



Taghi Arani 



Patent Examiner 




